This is a Perl-coded script designed to backup eDirectory on Linux or Solaris. eDirectory 8.7.x, 8.8, and 9.0 along with NICI 2.6.x, 2.7, and 3.0 currently work and are tested on Linux and, where possible, Solaris. To run the script save it to a box with eDirectory on it and make the script executable. The script will automatically run with Perl when it is run directly. Perl comes, by default, on all Unix and Linux distributions. The script will run anywhere Perl is though it is not made to do anything properly on other platforms.
Update: 2015 June 2015 – Added support for eDirectory 9.0
Update: 2012 Mar 22 – Fixes a couple of potential issues that have come up over the past couple years.
Update: 2007 Mar 03 – Now backs up vardir instead of dibdir only. For 8.8 it also backs up dibdir if it is not contained in vardir for large distributed-filesystem environments.
The script has a few options that can be passed in for scriptability without prompts. The info from ndsrc.pl -h follows:
|./ndsrc.pl -h||#Show help information. This info here.|
|./ndsrc.pl -s||#Force through the reminders that are defaults.|
-h #Show help information. This info here.
-s #Force through the reminders that are defaults.
-n #Prevent restart of eDirectory after backup.
The -p option lets you specify where to put the destination TAR (Tape ARchive) files. This defaults to /root for security reasons. On Solaris you will want to create and secure this directory if it does not exist by default.
The -c option specifies a configuration (nds.conf) file specifically. This is useful for eDirectory 8.8 where multiple instances exist and need to be backed up in a scripted fashion (weekly backups of the entire DIB, for example).
The -d option specifies the directory where multiple configuration files exist. By default this is the /etc/opt/novell/eDirectory/conf/.edir/ directory. Having this configurable allows the script to be used for non-root installations of eDirectory. Non-root installations are installed all to one location, like a user’s home directory.
The -s option skips through the first prompt telling the user that the DS instance that is backed up will be shutdown for the backup to be properly taken. Use this whenever the script is called from other scripts where interactivity is not an option. It can also be used to prevent one more check that may be annoying.
The -n option will cause the eDirectory instance to remain turned off after the backup. The biggest use for this option is helping customers perform an upgrade via migration to a new box, for example building a new system with latest patches, installing eDirectory, giving the new box the same hostname and IP as the old box, then on the old box stopping eDirectory, getting the conf/DIB/NICI information, and moving it to the new box which takes over the identity. In OES terms this would be an ID Transfer, but that does not exist officially in eDirectory-land. Still, this process works very well, and is very useful for IDM migrations in particular because all of the driver information remain the same and is present in the DIB, plus this provides minimal downtime for a full system upgrade of any eDirectory host. Without using this option in this case, though, ndsrc.pl “helpfully” restarts eDirectory after the backup, which is exactly what you do not want.
To run this script with eDirectory 8.8 be sure you have run the ndspath command. Without this the script will fail because it cannot find ndsmanage. This goes for eDirectory installed as root or non-root. As long as ndsmanage can be called without the absolute path the script will work.
The script has many lines of comments at the beginning regarding the scripts operation. Read these before using the script. Also you should try this out on your own and understand how things work before making this backup your DS nightly. Failing to do so could leave your DS stopped when it should have been restarted. The script performs no checks for adequate space and each backup is made to a new file so running this regularly will, eventually, fill your hard drive.
At the end of each run of the script a return value is sent back to the prompt for interpretation. A 0 means there were no fatal errors, a 1 means there was a fatal error. As other commands are made by the script the return values of those calls is included in the log which is output to the screen (via STDERR). That can be redirected to /dev/null (./ndsrc.pl -s 2>/dev/null) or it can be saved to a file for further analysis and interpretation (mail it to yourself, for example). The logging is fairly extensive and very helpful for troubleshooting.
The ability to backup other *nix’s may come as I am able to find and test them (AIX is probably next). Comments/critiques/questions appreciated. The source is highly-commented and that is for the good of us all.
Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment. It just worked for at least one person, and perhaps it will be useful for you too. Be sure to test in a non-production environment.